如何在单个服务器上使用带有多个域名的 OpenDKIM?
我拥有 3 个域名,并且有一台运行 postfix 发送电子邮件的服务器。如何使用 OpenDKIM?
我可以对所有 3 个域名使用相同的密钥文件吗?我是否必须为每个域名创建一个 TXT 记录?
答案1
您需要为每个选择器/域/密钥文件设置一个单独的行的 KeyTable。它看起来如下:
default._domainkey.example1.com example1.com:default:/etc/mail/dkim/keys/example1.com/default
default._domainkey.example2.com example2.com:default:/etc/mail/dkim/keys/example2.com/default
default._domainkey.example3.com example3.com:default:/etc/mail/dkim/keys/example3.com/default
然后使用 SigningTable 来确定谁可以在每个域上签名:
*@example1.com default._domainkey.example1.com
*@example2.com default._domainkey.example2.com
*@example3.com default._domainkey.example3.com
以下是简单的设置方法:
答案2
这个问题有点过时了,但以下配置对我有用。
选择器通常是default,但可以是任何值,只要您没有多个具有相同选择器的键即可。
SELECTOR=default
DOMAIN=domain.tld
# Add a rule for the new domain to the signing table (location of the signing table should be configured in opendkim.conf)
echo -e "*@${DOMAIN} ${SELECTOR}._domainkey.${DOMAIN}" | sudo tee -a /etc/opendkim/SigningTable
# Add the path to the key to the key table (again, defined in opendkim.conf)
echo -e "${SELECTOR}._domainkey.${DOMAIN} ${DOMAIN}:${SELECTOR}:/etc/opendkim/keys/${DOMAIN}/${SELECTOR}.private" | sudo tee -a /etc/opendkim/KeyTable
# Add the domain to the trusted hosts (I think this is not necessary if you send from localhost)
echo -e "${DOMAIN}" | sudo tee -a /etc/opendkim/TrustedHosts
# Create a directory for the domain's key
sudo mkdir -p /etc/opendkim/keys/${DOMAIN}
# Create the key
sudo opendkim-genkey -b 1024 -d ${DOMAIN} -D /etc/opendkim/keys/${DOMAIN} -s ${SELECTOR} -v
# Set the right ownership for the newly generated key
sudo chown opendkim: /etc/opendkim/keys -R
# This is the public key and must be added to your dns record
sudo cat /etc/opendkim/keys/${DOMAIN}/${SELECTOR}.txt
这是我的消息来源: https://easydmarc.com/blog/how-to-configure-dkim-opendkim-with-postfix/